Information on source package libsixel

Available versions

ReleaseVersion
jessie1.1.2-1
stretch1.5.2-2+deb9u1
buster1.8.2-1+deb10u1
bullseye1.8.6-2
bookworm1.10.3-3
trixie1.10.3-3
sid1.10.3-3

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2022-29978vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableThere is a floating point exception error in sixel_encoder_do_resize, ...
CVE-2022-29977vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableThere is an assertion failure error in stbi__jpeg_huff_decode, stb_ima ...
CVE-2022-27046vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedlibsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in ...
CVE-2022-27044vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedlibsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c: ...
CVE-2021-46700vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableIn libsixel 1.8.6, sixel_encoder_output_without_macro (called from six ...
CVE-2021-45340vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerablevulnerableIn Libsixel prior to and including v1.10.3, a NULL pointer dereference ...
CVE-2021-41715vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedlibsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither ...
CVE-2021-40656vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedlibsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/ ...
CVE-2020-36120vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableBuffer Overflow in the "sixel_encoder_encode_bytes" function of Libsix ...
CVE-2020-21677vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedA heap-based buffer overflow in the sixel_encoder_output_without_macro ...
CVE-2020-21548vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedLibsixel 1.8.3 contains a heap-based buffer overflow in the sixel_enco ...
CVE-2020-21547vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedLibsixel 1.8.2 contains a heap-based buffer overflow in the dither_fun ...
CVE-2020-21050vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedLibsixel prior to v1.8.3 contains a stack buffer overflow in the funct ...
CVE-2020-21049vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn invalid read in the stb_image.h component of libsixel prior to v1.8 ...
CVE-2020-21048vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue in the dither.c component of libsixel prior to v1.8.4 allows ...
CVE-2020-19668vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedUnverified indexs into the array lead to out of bound access in the gi ...
CVE-2020-11721vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedload_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitiali ...
CVE-2019-20205vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedlibsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame. ...
CVE-2019-20140vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in libsixel 1.8.4. There is a heap-based buffe ...
CVE-2019-20094vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in libsixel 1.8.4. There is a heap-based buffe ...
CVE-2019-20056vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedstb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ...
CVE-2019-20024vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedA heap-based buffer overflow was discovered in image_buffer_resize in ...
CVE-2019-20023vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedA memory leak was discovered in image_buffer_resize in fromsixel.c in ...
CVE-2019-20022vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn invalid memory address dereference was discovered in load_pnm in fr ...
CVE-2019-19778vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...
CVE-2019-19777vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedstb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ...
CVE-2019-19638vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...
CVE-2019-19637vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is an integer overflo ...
CVE-2019-19636vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is an integer overflo ...
CVE-2019-19635vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...
CVE-2019-3574vulnerable (no DSA)fixedfixedfixedfixedfixedfixedIn libsixel v1.8.2, there is a heap-based buffer over-read in the func ...
CVE-2019-3573vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedIn libsixel v1.8.2, there is an infinite loop in the function sixel_de ...
CVE-2018-19761vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThere is an illegal address access at fromsixel.c (function: sixel_dec ...
CVE-2018-19759vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThere is a heap-based buffer over-read at stb_image_write.h (function: ...
CVE-2018-19757vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThere is a NULL pointer dereference at function sixel_helper_set_addit ...
CVE-2018-14073vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedlibsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c ...
CVE-2018-14072vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedlibsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2019-11024vulnerablevulnerablevulnerablefixedfixedfixedfixedThe load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has ...

Resolved issues

BugDescription
CVE-2018-19763There is a heap-based buffer over-read at writer.c (function: write_pn ...
CVE-2018-19762There is a heap-based buffer overflow at fromsixel.c (function: image_ ...
CVE-2018-19756There is a heap-based buffer over-read at stb_image.h (function: stbi_ ...

Search for package or bug name: Reporting problems